While Stephen was in tune with CASL going into the presentation, I needed a tune-up myself on what’s happening with our friends north of the border. Interestingly enough, CASL isn’t limited to Canada but affects senders right here in the U.S. of A — including you!

Here’s some of the key takeaways and what you should know about scaling the CASL.

The law affects any message sent from or accessed by a computer located in Canada.

The ‘accessed by’ is the key here. If I live in Milwaukee, WI, and send a spam mail campaign to a Canadian user, I have violated CASL, a law designed to help protect Canadian citizens. Of course, if other countries don’t support the effort (and really, we’re talking about the U.S.), it’s kind of a moot point.

It’s more than email.

While our CAN-SPAM laws affect just email, CASL covers every form of electronic communication like email, instant messaging, text, social media, etc. This is certainly an expansive law and I wonder about enforcement due to the sheer amount of potential complaints.

All contact has to be started by an opt-in.

Everything sent out has to be opt-in (i.e. “explicit consent”) or fall within the guidelines of being a consenting customer/client/contact. Some examples of consent include family, personal relationships, and business inquiries. If you’ve done business with a sender, that is considered implied consent, meaning that it is ok to send communications within two years of that kickoff. After that, you must gain consent again.

Unsubscribes must be processes without delay.

While at SendLabs, I wrote about how frustrated I was that ESPs wouldn’t process unsubscribes immediately. By not doing so, the process is fraught with potential potholes in the customer/sender relationship. With CASL, unsubs must be processed without delay. Hooray!

These are no small fines we’re talking about.

While there are exemptions for honest mistakes, certain violations can range from up to $1 million for an individual or up to $10 million for an organization with disciplinary actions handed out by different Canadian organizations. They’re serious about enforcing these laws but again, I wonder about resources and how potential offenses will be evaluated.

Also of interest, those responsible for overseeing electronic communications are ultimately responsible for abiding by everything you just read above (think managers, directors, etc). Now if an employee they oversee goes rogue and violates the regs, that will be taken into consideration. However, a marketing manager cannot take a blind eye and just “blast” away without any concern. Neither can spammers and it will be fun to see some of the worst get called out and hit hard where it matters: the wallet.

There are more consequences to sending bad email than ever before, but as I said above, enforcement and making it public is the important thing. A law like this is only as good as those deterred by the consequences to abide by it.

Josh Nason is a Reputation Manager at Oracle Dyn Global Business Unit, a pioneer in managed DNS and a leader in cloud-based infrastructure that connects users with digital content and experiences across a global internet.